CVE-1999-0191
Internet Information Server - Arbitrary File Write via newdsn.exe CGI Script
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-1999-0191. PoCs published by Vytis Fedaravicius.
AI-analyzed exploit summary This exploit leverages a default sample program in Microsoft IIS 3.0 to create arbitrary files on the server by manipulating the URL parameters. The vulnerability allows remote file creation with any extension, including .html, by specifying a path and filename in the query string.
Description
IIS newdsn.exe CGI script allows remote users to overwrite files.
Exploits (1)
This exploit leverages a default sample program in Microsoft IIS 3.0 to create arbitrary files on the server by manipulating the URL parameters. The vulnerability allows remote file creation with any extension, including .html, by specifying a path and filename in the query string.